The hackers behind the Los Angeles Unified School District (LAUSD) have demanded an undisclosed amount weeks after the ransomware attack earlier this month. LAUSD officials confirmed the news on September 21, adding that they did not respond to the ransom demand.
“We can acknowledge… that there has been communication from this [hacker], and we have been responsive without engaging in any type of negotiations,” LAUSD superintendent Alberto Carvalho said, an online news website reported. “We have not responded to that demand,” he added. Although Carvalho did not disclose the amount demanded by the hackers, it is clear that the attackers sought profit despite the authorities involved in the investigations.
The Federal Bureau of Investigation, the Department of Homeland Securities, and the Cybersecurity and Infrastructure Agency are investigating the cyberattack. The hackers have not been identified yet. However, there are speculations that the ransomware gang Vice Society was behind the attack.
Carvalho added that the breach did not compromise sensitive information; however, the hacker impacted the ‘My Integrated Student Information System’(MiSiS) that stores student data. “To the best of our knowledge at this point… we believe that some of the data that was accessed may have some students’ names, may have some degree of attendance data, but more than likely lacks personally identifiable information or very sensitive health information or Social Security number information.”
The investigation is yet to reveal the medium of the breach. However, to prevent such attacks from taking place in the future, the school district is working toward ramping up its applications and systems. Moreover, the teachers, students, staff and parents have limited access to the systems, and the five-week report cards have also been delayed.
Following the cyberattack, the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) warned schools against Vice Society. The ransomware group has been targeting the education sector in the recent past. The alert published also predicted more such attacks as schools are “soft targets” for hackers.